c00ef4e44b3686a9ce8b2d94c67741fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c00ef4e44b3686a9ce8b2d94c67741fe
Size

75KB
MD5

c00ef4e44b3686a9ce8b2d94c67741fe
SHA1

17575600ecec096cdddc03adc830b551f1ac6198
SHA256

4fd4b37bdc944bf781260cb1eb7e28f2aaabdc17088cf150ec7264f389797fc5
SHA512

8e62237d4463b69aeb4268f5609c1718074a0da36cad72fd095f802562ee99f33928f789873542086ddcdb4058d19ad58d3b5079190bf2d39fdc1c4c4d5e6084
SSDEEP

384:Q1LfB6I8lfeKnc2NuAcG99RFHYsZag/YE8NEegMx4NegIyu1D0QIhtJgbocbQ:YB6RlfxNuvc5Yo8NEQ48gIj11M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c00ef4e44b3686a9ce8b2d94c67741fe

Files

c00ef4e44b3686a9ce8b2d94c67741fe
.exe windows:4 windows x86 arch:x86

5a7781a19234378bf31518e85aecf487

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
EnumDateFormatsExW
lstrcatW
GetExpandedNameA
GlobalUnWire
OpenMutexA

user32

User32InitializeImmEntryTable
SetClassLongW
GetCursorFrameInfo
GetClassInfoA
CallMsgFilterW
LoadStringA
RegisterWindowMessageW
GetActiveWindow

gdi32

EngCreateClip
GdiIsMetaPrintDC
SelectFontLocal
GetTextFaceA
CreateMetaFileA

Sections

.text
Size: 20KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2_NewSec
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ